Edb ID: 48564 CVE: N/A Author: Felipe Winsnes Type: Local Platform: Windows Date: 2020-06-08 Vulnerable App: Quick Player 1.3 Exploit Verified: No Exploit Description: - An exploit for a buffer overflow vulnerability in Quick Player 1.3, specifically targeting the '.m3l' file format using Unicode and SEH. - The exploit can be executed locally on a Windows 7 system. - The exploit script generates a malicious file which, when opened by the Quick Player, triggers the buffer overflow. Vulnerability Details: - The exploit takes advantage of a buffer overflow in the handling of files. - The exploit uses a combination of Unicode characters and SEH (Structured Exception Handler) to achieve code execution. Exploit Code: - The code shown in the screenshot is a Python script that generates the malicious file. - The script constructs the payload with various buffer, alignment, and return address values to achieve the desired exploitation effect.